On 4/18/11 2:17 PM, hostmas...@g-net.be wrote: > > and when I configure my zone like this in named.conf.local : > > zone "zone.be" { > type master; > file "/dnszones/db.zone.be.signed"; > auto-dnssec maintain; > key-directory "/dnskeys/"; > sig-validity-interval 1; > > I get the following message in my logs : > > Apr 18 15:00:53 nssec named[3508]: /etc/bind/named.conf.local:25: > 'auto-dnssec maintain;' requires dynamic DNS to be configured in the > zone > Apr 18 15:00:53 nssec named[3508]: loading configuration: failure > Apr 18 15:00:53 nssec named[3508]: exiting (due to fatal error) > > ( by the way , I have disabled apparmor globally on my Ubuntu server for > now ) > > Is this due to my mistake ? Or permission related ? Hello,
As the message states if you are using 'auto-dnssec maintain;' then the zone needs to be configured as a dynamic zone. "Using the auto-dnssec option requires the zone to be configured to allow dynamic updates, by adding an allow-update or update-policy statement to the zone configuration. If this has not been done, the configuration will fail."[1] [1]http://ftp.isc.org/isc/bind9/cur/9.8/doc/arm/Bv9ARM.ch04.html#id2563529 _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users